== nginx+certbot en contenedor
- crear estructura de directorios:
mkdir -p data/nginx/conf.d
mkdir -p data/nginx/www
mkdir -p data/certbot/www
mkdir -p data/certbot/conf
- crear fichero configuraciĆ³n nginx:
server {
listen 80;
server_name ;
# location / {
# return 301 https://$host$request_uri;
# }
root /var/www/html;
index index.html;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
}
#server {
# listen 443 ssl;
# server_name ;
# ssl_certificate /etc/letsencrypt/live/k0.vividumcodex.com/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/k0.vividumcodex.com/privkey.pem;
## include /etc/letsencrypt/options-ssl-nginx.conf;
## ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
#
# location / {
# root /var/www/html;
# }
}
- ejecutar:
docker run \
-it \
--name nginx \
--rm \
-p 80:80 \
-v ${PWD}/data/nginx/conf.d:/etc/nginx/conf.d \
-v ${PWD}/data/nginx/www:/var/www/html \
-v ${PWD}/data/certbot/conf:/etc/letsencrypt \
-v ${PWD}/data/certbot/www:/var/www/certbot \
nginx:1.15-alpine
- ejecutar:
docker run \
-it \
--name certbot \
--rm \
-v ${PWD}/data/certbot/conf:/etc/letsencrypt \
-v ${PWD}/data/certbot/www:/var/www/certbot \
certbot/certbot:latest certonly
* opciĆ³n 2 (place files in webroot directory)
* webroot: **/var/www/certbot**
=== origen
[[https://medium.com/@pentacent/nginx-and-lets-encrypt-with-docker-in-less-than-5-minutes-b4b8a60d3a71]]
version: '3'
services:
nginx:
image: nginx:1.15-alpine
ports:
- "80:80"
- "443:443"
volumes:
- ./data/nginx/conf.d:/etc/nginx/conf.d
- ./data/nginx/www:/var/www/html
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
# command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
certbot:
image: certbot/certbot
volumes:
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
command: "certonly"
# # entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"